Re: 2.6.20 and IP_CONNTRACK_FTP
David Baron wrote:
> On Thursday 22 February 2007, debian-user-digest-request@lists.debian.org
> wrote:
>> > Compiled it taking all the defaults on new features. It boots just fine
>> > but has fatal ip_tables errors over and over missing this item. Cannot
>> > connect to internet.
>> >
>> > Any ideas? Do I need this and why?
>> >
>> > Google had something about setting: modprobe ip_conntrack_ftp
>> > ports=21,2121 if compiled as a module. So I set the previously unset
>> > constant=m and am recompiling. Where would I specify the modprobe
>> > arguments?
>>
>> I ran into this compiling 2.6.20 with the .config of 2.6.19 and FireHol
>> complained as you describe.
>>
>> I changed the .config as follows:
>>
>> diff .config.2.6.20 .config.2.6.19.1.ck2
>>
>> ...
>> 390,393d380
>> < CONFIG_NF_CONNTRACK_ENABLED=m
>> < # CONFIG_NF_CONNTRACK_SUPPORT is not set
>> < CONFIG_IP_NF_CONNTRACK_SUPPORT=y
>> < CONFIG_IP_NF_CONNTRACK=m
>> 399d385
>> < # CONFIG_NETFILTER_XT_TARGET_NFLOG is not set
>> 420d405
>> < # CONFIG_NETFILTER_XT_MATCH_HASHLIMIT is not set
>> 424a410
>> > CONFIG_IP_NF_CONNTRACK=m
>> 447a434
>> > # CONFIG_IP_NF_MATCH_HASHLIMIT is not set
>> 460d446
>> < CONFIG_IP_NF_NAT_FTP=m
>> 461a448
>> > CONFIG_IP_NF_NAT_FTP=m
>
> oooh!
> there are entries for CONFIG_NF_CONNTRACK ....
> there are also entries for CONFIG_IP_NF_CONNTRACK !!
>
> So ... I set the ones like you have <
> Try to recompile :-)
My attempt at building 2.6.20 after make oldconfig
and accepting defaults also went badly. Being utterly
ignorant, I began again, this time choosing to include
(as Y or m) most of the netfilter stuff that was unset
by default. This worked. And I'm still ignorant.
Reply to: